As compliance officers, we assess and discuss risks. We talk about fines and penalties, burdensome integrity agreements or even potential exclusion from government health programs like Medicare or Medicaid. Sometimes we even talk about reputational risk. This is especially important for entities that rely heavily on their reputation or place within the community.
Even though we discuss reputational risk, it probably isn’t our number one focus despite the fact that our organizations could benefit from addressing reputational risk.
Case in point: Zuckerberg General Hospital in San Francisco. Many of you may be aware of some recent reporting and podcasts associated with large ER bills with significant balance billing to patients after out of network commercial insurance companies have paid their relatively smaller proportion of the bill.
Many of us in compliance are aware of the financial hardships that often face patients when insurance doesn’t cover the majority of their healthcare expenditures. And because there often aren’t any laws or regulations against balance billing of private pay patients, compliance departments might not be brought into discussions on these issues.
But compliance has a unique skill set in helping organizations document policies and procedures. Compliance is also aware of how to review policies and imagine how the policy could affect the hospital’s financial situation, patients and the community at large that it is trying to serve.
In the balance billing example, Zuckerberg General is an out of network hospital for all commercial payors as its focus is on Medicare and Medicaid patients. But when it comes to the ER, they are the only level 1 trauma center in the immediate area so they are likely to receive a good number of visits from out of network patients with commercial insurance. In the story, a patient incurred a $24,000 emergency room bill but her insurance only paid $3800. That left a balance of around $20,000 and the hospital billed that balance to the patient.
After much public attention and news stories, Zuckerberg Hospital decided to change some of their policies, but, as some might say, only after they experience some pretty bad press potentially resulting in reputational harm.
Principles from effective compliance programs could have been applied proactively before the issue even became an issue in the news. If the financial billing policies of the hospital was being reviewed on a regular basis with a critical eye, someone might have noticed how this issue could arise and the policy could have been changed before this patient’s experience hit the news.
Similarly, compliance programs are often performing enterprise-wide risk assessments. Often, these assessments include asking the question of both high-level and front-line employees. Perhaps an annual risk assessment could have included interviews with employees involved in collections or patient payments and those employees might have been aware of similar scenarios and they could have raised the concern that this might not look good for the hospital’s reputation. Hindsight is 20/20, I know. Some reputational risks just can’t always be identified beforehand. But, trying to proactively apply principles learned from effective compliance programs, could pay off for your institution’s reputation, especially those organizations who always seem to be in the spotlight for a community.